Skip to content

ISO 45001 is now available — are you considering it?

There are many questions to answer when thinking of adopting the new standard

By Eldeen Pozniak

This ISO 45001 document brings occupational health and safety management and continual improvement into the heart of an organization making a concern of an entire business. This new voluntary standard is an opportunity for organizations to align their OHS management system with their strategic direction.

The standard was developed over time and considerable discussion, with consideration and with a very broad alignment to other standards, such as the OHSAS 18001, the International Labour Organization’s ILO–OSH Guidelines, international labour standards and conventions and various national standards like Canada’s CSA Z1000 and USA’s ANZI Z10. It follows the high-level structure approach that is being applied to other ISO management system standards, such as ISO 9001 (quality) and ISO 14001 (environment). 
As you read through the document, you will realize it does not state specific criteria for OHS performance, and it is not prescriptive about the design of the system.  Its focus is on assessing and knowing your organization and creating a OHS management system that is specific to meeting its own needs in preventing injuries and ill health. As the briefing notes states, “consequently a small business with low risks may only need to implement a relatively simple system, whereas a large organization with high levels of risks may need something much more sophisticated.” So basically, any system that has the elements outlined to the level that is appropriate to the specific organization and that it is effective would be in conformity with the standard requirements.   
The 45001: 2018 still follows the simple plan-do-check-act model, which is the basic framework for most OHS systems to date. One thing that I do like about the 45001:2018 is that it is a risk-based approach. It falls within my safety philosophy of “the basics of safety – hazard identification, risk assessment and control,” and this risk-based approach does not conflict with the more traditional compliance-based approaches that most have their “safety program” based upon. It takes a greater step toward proactive generative prevention by emphasizing identification of what activities and processes could harm and to meet any legal compliance requirements, and then emphasizes appropriate controls, increases focus on responsibilities of all within the organization and ensures that there is a system that supports fulfilment and consideration on how that works with other programs and components in the organization.   
Depending on where the business/organization is, we as safety professionals may facilitate the following situations when the 45001:2018 topic comes up in our organization:
•“To have or not to have – that is the question”  – This is a decision that each organization needs to make in their best interest taking into consideration their specific situation, systems within their organization and the goals they want to achieve. Some may decide to take it up, and others not. I believe it will depend on our conversation with them.
•“We don’t have anything like that and we want it” – We may play a role in helping organizations to move their  OHS program or system in the 45001 direction, either through alignment or formal ISO recognition. I see this as a huge step toward a more proactive risk based approach, moving from the traditional compliance based safety program.
•"We are so close, lets go in this direction” – This, for me, is the situation where we help organizations transition from an 18001:2007 based system to the 45001: 2018.  
Over the next few blogs I will be looking at each one of these situations. Lets start today with this one:
“To have or not to have – that is the question”

This is a decision that each organization needs to make in their best interest taking into consideration their specific situation, systems within their organization and the goals they want to achieve.
As safety professionals, we need to be prepared to answer the questions: What is this 45001 about? And why should we do it? I was asked that very question the other day after a conference presentation I had delivered to a crowd of various industry employers and safety professionals. I had mentioned 45001 in my presentation briefly.  I was approached by representatives from a medium-sized organization that works throughout Western Canada and they asked why should they get 45001 when they had their Certificate of Recognition (COR). COR or SECOR (Small Employer Certificate of Recognition) for 10 or less employees is given to an organization that develops an audit-verified health and safety management system that meets established standards from a jurisdictional and industry standpoint.  

To get a COR, the business must first have a health a safety management system or program in place, and then have it successfully audited through a certifying partner.  Back to the question — it was a great question — I already have my COR, and that is what I need to bid on jobs, why do I need this 45001?  Let’s have some discussion here – how would you answer this question?  

Eldeen Pozniak

Eldeen Pozniak is a Canadian Registered Safety Professional, a Certified Health and Safety Consultant, a certified health and safety management system auditor, and a chartered member of the U.K.-based Institution of Occupational Safety and Health. She is a past president of the International Network of Safety and Health Practitioner Organizations and the Canadian Society of Safety Engineering. She is also the president and owner of Diggins Safety Consulting, and the director of Pozniak Safety Associates. She can be reached through
(Required, will not be published)
All comments are moderated and usually appear within 24 hours of posting. Email address will not be published.